list open ports in linux

How to List Open Ports in Ubuntu Linux

Sometimes you may need to view all the open ports in your Linux system to ensure that unknown processes are not exposing your system. You may also need to find out open ports on your system if you want to run a process on one of the closed ports and open it. There are multiple ways to list open ports in Linux. In this article, we will look at the different ways to do it using ss, netstat and nmap commands.

How to List Open Ports in Ubuntu Linux

Here are the different ways to list open ports in Ubuntu Linux. You can also use these commands on other Linux distributions since these commands are available in almost every Linux system.

List Open Ports using netstat

Open terminal and run the following command to list open ports using netstat command.

$ sudo netstat -tulpn | grep LISTEN

In the above command,

  • -t : List All TCP ports
  • -u : List All UDP ports
  • -l : List open server sockets
  • -p : Display PID & name of the program along with their open sockets
  • -n : Don’t resolve names
  • | grep LISTEN : Display open ports by applying grep command filter.

netstat command will display all processes along with their ports. So we pipe its output to grep command to filter only open ports. We search for LISTEN string which indicates listening ports that is, open ports.

You will see output like the following, which lists apache and ssh processes running on ports 80 and 22 respectively.

Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode      PID/Program name 
tcp   0      0 *               LISTEN      0          43385      1821/apache2  
tcp   0      0    *               LISTEN      0          44064      1823/sshd 

Display Open Ports using ss

You can also use ss command to view socket statistics

$ sudo ss -tulpn

You will see output similar to one shown below.

Netid     State      Recv-Q     Send-Q                                Local Address:Port            Peer Address:Port                                                                                                                         
udp       UNCONN     0          0                                    *         users:(("chromium",pid=13873,fd=419))                                                                         
tcp       LISTEN     0          5                                   *         users:(("mcd",pid=4884,fd=0))                                                                                     

Show open ports using lsof

You can also use lsof command to display open ports.

$ sudo lsof -i -P -n | grep LISTEN

where the different options mean the following

  • -i : look for listening ports
  • -P : prevent conversion of port numbers to port names for network files to make command run faster
  • -n : don’t use DNS name
  • | grep LISTEN : only show ports in LISTEN state that is open ports

List open ports using nmap

You can also use nmap command to list open ports as shown below.

$ sudo nmap -sTU -O localhost

In the above command, the different options mean

  • T – TCP/IP ports
  • U – UDP ports

Please note, even if a port is open it may still not be accessible from outside due to firewall blocking its access. So it is also important to view firewall rules to ensure that your port is completely open.

Here is the command to list firewall rules/open firewall ports.

$ sudo iptables -S

Keeping track of open ports is one of the most important tasks of system administrators. In fact, you may need to regularly run the above commands to keep an eye on open ports on your system. So you may want to add a cronjob with any of the above command and save its output to a file. This way you just have to simply open the file to view the open ports on your system on that day. For example, run the following command to open crontab.

$ sudo crontab -e

Add the following line to your crontab file to run the netstat command every day at 10AM to list all the open ports on your system at that time. The output of this command is saved to /home/open_ports.txt automatically. YOu can modify it as per your requirement.

0 10 * * * sudo netstat -tulpn | grep LISTEN > /home/open_ports.txt

All you need to do is open this file every day to check if any unexpected ports are open on your system.

$ sudo cat /home/open_ports.txt

Also read:

How to Rewrite URL to Another Subdirectory in Apache
How to Rewrite URL with Parameters in Apache
How to Combine Two Files in Linux
How to Rewrite URL to Another URL in Apache
How to Filter Logs by Date/Time in Linux

Leave a Reply

Your email address will not be published. Required fields are marked *